Security Bulletin

Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing attacks exploiting a cross-site scripting vulnerability impacting various versions of the Roundcube email server, tracked as CVE-2023-43770...

Third-party vendor IMS told BoA last fall that data from “deferred compensation plans" may have been compromised.

Cascading critical CVEs, cyberattacks, and delayed patching are plaguing Ivanti VPNs, and forcing cybersecurity teams to scramble for solutions. Researchers are unimpressed.

An attack on a technology partner claimed by LockBit ransomware exposed sensitive information, including Social Security numbers, of more than 57,000 banking customers.

Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered.

Recent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation.

Attacks with the novel Coyote banking trojan have been deployed against 61 banks across Brazil, The Hacker News reports.

StateScoop reports that Florida lawmakers have been mulling to return $40 million in funding meant to advance state and local entities' cybersecurity defenses to the state's general fund.

The ongoing campaign incorporates individualized phishing lures and has targeted hundreds of user accounts across dozens of organizations.

California-based data security technology provider Cohesity has revealed plans to purchase Veritas Software's data protection unit for $7 billion, in a deal that is poised to be finalized by the latter part of this year, reports CRN.

Ransomware expert warns public disclosure gives Rhysida opportunity to strengthen encryption.

Here’s three ways we can create more diversity into cybersecurity and fulfill the staffing needs the industry desperately requires.